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(54) Method and system for securely distributing computer software products 



(57) A product distribution and payment system for 
limited use or otherwise restricted digital software prod- 
ucts. Digital content data comprising a software product 
to be rented is made available to customers through a 
detachable local storage medium, such as a DVD or 
CD-ROM disc, or over a network connection. The prod- 
uct digital content is capable of being accessed and 
played back through a computer or game console at the 
customer site. The software product may comprise a 
limited use product that is restricted in the number of 
plays or duration of use. The customer is allowed to 
download and purchase the product using his computer 
or playback console. The product purchase information 
is encoded and transmitted to the content distributor. 
When the preset time or number of plays has elapsed 
the software program is frozen and access to the pro- 
gram is not allowed. In one embodiment of the present 
invention, a two-way, public key/private key encryption 
system is implemented to transmit the product and us- 
age information between the server providing the soft- 
ware product and the customer computer system. 




MO06W/ 
NETWORK 
ADAPTOR 



TV MONITOR 

. . < (DIGITAL BROADCAST / 

PACKAGED TZ NTSC Ofl PAL) 

STORAGE 124 
ME01A 



JFIG-1 



CL 

LU 



Printed by Jouve. 75001 PARIS (FR) 



3DOCID: <EP 1229476A2_I_> 




EP 1 229 



Description 

FIELD OF THE INVENTION 

[0001] The present invention relates generally to 5 
computer networks, and more specifically, to a system 
for distributing and leasing limited use software products 
over computer networks. 

BACKGROUND OF THE INVENTION 10 

[0002] The widespread acceptance of high capacity 
digital media has significantly impacted the distribution 
and marketing of computer programs and general en- 
tertainment products. Increasingly, digital media, such is 
as CD-ROM (Compact Disk - Read Only Memory) and 
DVD (Digital Versatile Disks) media, and removable 
memory cards for computers and handheld digital de- 
vices, are beginning to replace traditional analog media 
such as magnetic cassettes and VHS tapes for the dis- 20 
tribution of a wide range of products. For example, mu- 
sic, movies, computer games, computer programs, and 
even books are increasingly becoming packaged and 
distributed on digital media for playback on CD players, 
computers, DVD players, and other digital devices. 25 
[0003] Moreover, with the advent of the Internet and 
electronic commerce ("e-commerce") business models, 
many digital-based data products, such as computer 
software, games, music, movies : and other digital con- 
tent can conveniently be distributed over computer net- 30 
works. Because of the different types of software con- 
tent and products that can be programmed onto the high 
capacity storage products of present digital media, such 
as CD-ROMS ; traditional distribution models for these 
products are becoming outmoded. The implementation 35 
of downloaded digital content using server-client com- 
puter networks and secure encrypted communications 
greatly facilitates the purchase of digital software prod- 
ucts. As e-commerce models continue to be refined and 
implemented, the distribution of these products is also *o 
undergoing significant changes. In many cases, cus- 
tomers do not need to visit stores and retail locations to 
purchase the physical media that contains the software 
product. Instead, the product can be downloaded direct- 
ly to the customer's computer for storage and playback. 
Using secure credit card and other e-commerce pay- 
ment methods, the product can be purchased on-line as 
well. 

[0004] Although present e-commerce distribution 
methods facilitate the purchase and distribution of so 
standard products that are outrightly bought by the cus- 
tomer, many types of entertainment products are limited 
use products, and such products are usually available 
only as physical packaged products, rather than as 
downloadable content. The best example of such a 55 
product is a movie or computer game that is rented for 
only a short term. At present, distribution of these tem- 
porary or limited use products involves the customer vis- 
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iting a rental location, renting the product and then re- 
turning the product after the rental period. Compared to 
on-line and off-line e-commerce distribution systems 
being developed for unlimited use or non-restricted 
ownership items, such traditional distribution channels 
for limited use products are cumbersome and disadvan- 
tageous. 

[0005] In order to encourage the use or rental of lim- 
ited use computer products or samples, convenient pur- 
chase and distribution methods using present computer 
network capabilities must be developed. What is need- 
ed, therefore, is a system that allows content providers 
or distributors to provide limited use products either as 
physical products or downloadable content and have 
the allocated usage accurately tracked and accounted. 

SUMMARY OF THE INVENTION 

[0006] A product distribution and payment system for 
limited time use or otherwise restricted digital software 
products is described. Digital content data comprising a 
software product to be leased or rented is made availa- 
ble to customers through a detachable local storage me- 
dium, such as a DVD orCD-ROM disc, or over a network 
connection. The software product is capable of being 
accessed and played back through a computer or game 
console at the customer site. The customer is allowed 
to download and purchase the product using his com- 
puter or playback console in an on-line distribution mod- 
el, or receive packaged media containing the software 
product in an off-line distribution model. The software 
product may comprise a limited use product that is re- 
stricted in the number of plays or duration of use. The 
product purchase information is encoded and transmit- 
ted to the product distributor. When the preset time or 
number of plays has elapsed the software program is 
frozen and access to the program is not allowed. In one 
embodiment of the present invention, a two-way, public 
key/private key encryption system is implemented to 
transmit the product and usage information between the 
server providing the software product and the customer 
computer system . The customer communicates with the 
product distributor through either on-line or off-line 
means to decrypt the encrypted software product. 
[0007] Other objects, features, and advantages of the 
present invention will be apparent from the accompany- 
ing drawings and from the detailed description that fol- 
lows below. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0008] The present invention is illustrated by way of 
example and not limitation in the figures of the accom- 
panying drawings, in which like references indicate sim- 
ilar elements, and in which: 

Figure 1 illustrates a block diagram of a computer 
network system that implements embodiments of 
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the present invention; 

Figure 2A is a flowchart that illustrates the steps of 
distributing and charging for downloaded restricted 
use software products, according to one embodi- 
ment of the present invention; 
Figure 2B illustrates an encryption/decryption proc- 
ess for distributing software products in a client/ 
server computer network, according to one embod- 
iment of the present invention; 
Figure 3 is a flowchart that illustrates the steps of 
distributing a limited use software product for an off- 
line distribution embodiment of the present inven- 
tion; 

Figure 4 is a flowchart that illustrates the steps of 
accessing limited use products for an on-line distri- 
bution embodiment of the present invention; and 
Figure 5 illustrates the composition of an interactive 
game software product that includes encryption 
identification information and use parameters, ac- 
cording to one embodiment of the present inven- 
tion. 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENT 

[0009] A limited use software distribution and leasing 
system for software products over a computer network 
is described. In the following description, for purposes 
of explanation, numerous specific details are set forth 
in order to provide a thorough understanding of the 
present invention. It will be evident, however to one of 
ordinary skill in the art, that the present invention may 
be practiced without these specific details. In other in- 
stances, well-known structures and devices are shown 
in block diagram form to facilitate explanation. The de- 
scription of preferred embodiments is not intended to 
limit the scope of the claims appended hereto. 
[001 0] Aspects of the present invention may be imple- 
mented on one or more computers executing software 
instructions. According to one embodiment of the 
present invention, server and client computer systems 
transmit and receive data over a computer network or 
standard telephone line. The steps of accessing, down- 
loading, and manipulating the data, as well as other as- 
pects of the present invention are implemented by cen- 
tral processing units (CPU) in the server and client com- 
puters executing sequences of instructions stored in a 
memory. The memory may be a random access memory 
(RAM), read-only memory (ROM), a persistent store, 
such as a mass storage device, or any combination of 
these devices. Execution of the sequences of instruc- 
tions causes the CPU to perform steps according to em- 
bodiments of the present invention. 
[0011] The instructions may be loaded into the mem- 
ory of the server or client computers from a storage de- 
vice or from one or more other computer systems over 
a network connection. For example, a client computer 
may transmit a sequence of instructions to the server 



computer in response to a message transmitted to the 
client over a network by the server. As the server re- 
ceives the instructions over the network connection, it 
stores the instructions in memory. The server may store 
5 the instructions for later execution , or it may execute the 
instructions as they arrive over the network connection. 
In some cases, the downloaded instructions may be di- 
rectly supported by the CPU. In other cases, the instruc- 
tions may not be directly executable by the CPU, and 
10 may instead be executed by an interpreter that inter- 
prets the instructions. In other embodiments, hardwired 
circuitry may be used in place of, or in combination with, 
software instructions to implement the present inven- 
tion. Thus, the present invention is not limited to any 
specific combination of hardware circuitry and software, 
nor to any particularsource for the instructions executed 
by the server or client computers. 
[0012] Figure 1 is a block diagram of a computer net- 
work system that can be used to implement a limited 
20 use software product distribution system, according to 
one embodiment of the present invention. The system 
100 of Figure' 1 enables the transmission, execution 
and/or playback of limited use software products. The 
term "limited use software products" in the context of the 
25 specification and claims shall be understood to refer to 
a collection of downloadable digital data that may con- 
sist of any one of video linear streaming data, such as 
motion picture data in MPEG or MPEG2 format; linear 
audio streaming data, such as music data in-MP3 for- 
30 mat; binary program data; computer games; binary text 
data; or any combination of such data or similar data. In 
general, limited use software products do not- include 
services or data that are used solely to provide access 
to a network, such as web browser software or protocol 
35 handlers whose main function is only to establish a net- 
work connection. 

[0013] As shown in Figure 1, system 100 includes a 
server side system 110 comprising a download service 
management server 1 02, a customer database 1 04, and 

40 a contents database 106, which are interconnected by 
a local area network (LAN) 101. The limited use soft- 
ware product content is generally stored in a contents 
database 106, which makes up part of the server side 
system 110. The customer database 104 stores a col- 

45 lection of data about individual customers who access 
the download server 102 through a bi-directional net- 
work 108. The data for each individual customer may 
consist of the customer's name, home address, age, 
gender, occupation, income, hobbies, purchasing histo- 

50 ry, preferences, and other descriptive information that 
might be useful to vendors or advertisers who are using 
the system. Such data may not be static, but instead 
may be updateable based on a user's access history of 
the primary content data. For example, the data may be 

55 updated to reflect which software products are ac- 
cessed and/or how many times a given category (e.g., 
type of music, genre of movies, and so on) of software 
products are accessed. This enables content providers 
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and advertisers to tailor their messages and content 
more effectively to a given customer 
[0014] The download service management server 
102 is a server system that is configured to handle 
download requests from a user. Access to the server 
102, which may comprise one of several servers, is fa- 
cilitated typically through a router on the LAN 1 01 , which 
directs requests to the download management server 
102. When the server 102 receives requests from a us- 
er, the server executes a download of requested soft- 
ware products from the contents database 1 06. The da- 
ta comprising the products is then transmitted via the 
network 108 by means of a known networking protocol 
standard, such as the file transfer protocol (ftp). 
[0015] The network 108 is normally a bi-directional 
digital communications network that connects the user's 
terminal hardware with the download service manage- 
ment server 1 02 provided on the server side of the sys- 
tem. With current technologies, a CATV (cable televi- 
sion) bi-directional network, ISDN (Integrated Services 
Digital Network), DSL (Digital Subscriber Line), or xDSL 
high-speed networks are examples of existing network 
infrastructures enabling the necessary network connec- 
tions for implementing embodiments of the present in- 
vention. In one embodiment, network 108 may repre- 
sent the Internet, in which case the server 102 typically 
executes a web server process to transmit data in the 
form of HTML data to client computers executing web 
browser processes. 

[001 6] The client side 1 20 of the system configuration 
shown in Figure 1 comprises a modem or network 
adapter 112, a networked game console 114, which uti- 
lizes a detachable storage medium 122 therein, and a 
TV monitor or any other suitable display device 118 con- 
nected to the game console 1 1 4. The modem or network 
adapter 112 is a device that is used to connect the cli- 
ent's terminal hardware, in this case the game console 
114, for connection to the network 108. For example, if 
network 108 is a CATV network, modem 112 may be 
implemented as a cable modem device; and if network 
1 08 is an ISDN network, modem 112 may be implement- 
ed as a terminal adapter. 

[0017] In one embodiment of the present invention, 
the detachable storage media 1 22 stores a collection of 
interactive or non-interactive auxiliary content, such as 
computer games, movies, music clips, or advertise- 
ments which can be made up of video images, anima- 
tions, sounds, applets, and so on. In one embodiment, 
the detachable storage media 122 comprises a 
CD-ROM or DVD disc. For the embodiment illustrated 
in Figure 1 , the detachable storage media 1 22 is a pack- 
aged storage media that stores one or more software 
products for use by the user. Such products may include 
computer games : audio content; video content, or the 
like. The packaged storage media 1 22 may also include 
a download management software program that con- 
trols the downloading of the software product data from 
the contents database 1 06 to the networked game con- 
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sole 114. The client system 1 20 also includes a re-write- 
able storage media 1 1 6 coupled to the networked game 
console 114. During normal operation, the networked 
game console 114 transfers data from the packaged 

5 storage media 122 onto the re-writeable storage media 
for temporary or medium term storage and execution. 
The re-writeable storage media 1 1 6 can also be used to 
store data or programs downloaded by the client system 
120 over network 108. The re-writeable storage media 

10 116 may be implemented as a hard disk drive (HDD), 
flash memory device, or other suitable nonvolatile mem- 
ory device that attaches to the game console 114 
through a port connection. 

[0018] For the embodiment illustrated in Figure 1 , the 

15 network game console 1 1 4 also has an interlace port for 
the installation of a memory card 124. Such a memory 
card might be implemented as a proprietary card format, 
or a standard format device, such as PC/MCI A format 
or a similar card format. The memory card 124 stores 

20 various firmware parameters and operating environ- 
ment data that are specific to the particular network 
game console 114 that the card is installed in. For ex- 
ample, the memory card can be used to store the iden- 
tification number (ID) assigned to the particular game 

25 console. In certain applications, the memory card can 
also be used to store certain software products, such as 
computer games or other programs or content to be 
played back or executed on the game console. 
[0019] In general, the networked game console 114 

30 is a network connectable playback device of interactive 
digital contents. Such a game console 114 normally uti- 
lizes the packaged storage media 1 22 as a contents dis- 
tribution media in a non-networked environment. In oth- 
er words, under ordinary use, the game console 114 is 

35 capable of playing back media contained on the pack- 
aged storage media 122, which is normally an interac- 
tive video program (such as a game) even if the game 
console 114 is not connected to the network 108. For 
this embodiment, the distribution of the software product 

40 is referred to as an "off-line" distribution embodiment. 
The user may also communicate with the server system 
110 in an off-line embodiment. In this case, the server 
is coupled to a public switched telephone network 
(PSTN) 130 that provide access to the user through a 

45 telephone 1 32. The telephone 1 32 may be a touch-tone 
phone that allows the customer to enter alphanumeric 
input in response to command options provided by the 
server system. Alternatively, the user uses the tele- 
phone to transmit voice commands to the server system 

50 110 or speak with an operator associated with server 
system 110. 

[0020] In an alternative embodiment of the present in- 
vention, the packaged storage media 122 is used in a 
networked environment and operates in conjunction 
55 with downloaded primary content retrieved through a 
network connection (such as through the modem 112), 
in order to provide linked or associated user-customized 
auxiliary content. For this alternative embodiment, the 
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distribution of the software product is referred to as an 
"on-line" distribution embodiment. Such auxiliary con- 
tent could be provided by the primary content provider 
server system 110, or by a separate server maintained 
by an auxiliary content provider or other primary content 
provider (not shown). 

[0021] The server may implement various different 
methods of distributing the software product content to 
the user operating the network game console 114. As 
stated above, the product content generally comprises 
limited use digital content such as computer games, mu- 
sic clips, full-length audio and video programs, movies, 
still picture data, and other similar types of content that 
are intended for restricted use by the customer. For ex- 
ample, the content data may comprise a game or movie 
video that has been rented for a certain period of time. 
After the rental period has expired, the content data is 
no longer available to the user. The content might further 
comprise promotional or advertising data associated 
with the primary content, such as movie previews, demo 
games, sample data, and other similar types of content 
that facilitate the user's selection of the distributed prod- 
uct. The ID of the network game console 1 1 4 as encod- 
ed on the memory card 124 or other similar memory 
means is used to facilitate the downloading and execu- 
tion of the software products distributed from the server 
over the network 1 08 or through packaged storage me- 
dia 1 22. In one embodiment, the network game console 
user establishes a user account managed by the server 
102. Data related to the user account is stored in cus- 
tomer database 104. The user is issued an ID number 
that is used to facilitate the purchase and distribution of 
software products requested by the user. 
[0022] In one embodiment of the present invention, 
the network game console 1 1 4 is used by a customer to 
playback the purchased or rented software title. At least 
one encoded software product (also referred to as a 
"software title") to be used by the customer is stored on 
a high capacity RAM medium, such as the unused high 
capacity memory medium on the CD-ROM/DVD-ROM 
housed in the network game console 114 or on a hard 
disk or the like. For example, in the embodiment illus- 
trated in Figure 1 , the encoded software title can be pro- 
vided on packaged storage media 122 or downloaded 
onto a local memory device, such as re-writeable stor- 
age media 1 1 6. In a typical off-line embodiment, in which 
the software product is played back on a playback sys- 
tem 114 that is not connected to a network, the product 
is either obtained by the user from a retail or distribution 
location, or sent to the user in response to a user request 
or as part of a subscription process. Furthermore, the 
communication used to decode the encoded software 
product is accomplished between the user and server 
using off-line means, such as telephone 132. 
[0023] Figure 2A illustrates the steps of encoding and 
distributing a limited use software product, according to 
one embodiment of the present invention. In step 202, 
the program code comprising the software title to be dis- 
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tributed is encrypted, or otherwise securely stored on a 
high capacity memory medium, such as a CD-ROM or 
DVD disk that comprises the packaged storage media 
122. In step 204, an appropriate security mechanism is 

5 established for the distribution of the encrypted software 
title. In one embodiment, a two-way public key/private 
key encryption system is utilized. In this case, each soft- 
ware title to be distributed is first encrypted with the pub- 
lic key for that title. The server must have access to the 

10 private key for each software title that is to be distributed 
or rented. In step 206, the removable memory media 
containing the encrypted software title is distributed to 
the users. In one embodiment, the users are sent, or 
otherwise obtain a copy of the packaged media 1 22, e. 

15 g. disk or other memory media, containing the title. This 
constitutes an off-line distribution of the software prod- 
uct. In an alternative embodiment, the network game 
console 114 may be coupled to the server over a com- 
puter network 1 08. For this embodiment, the users may 

20 be able to download the software title over the network 
for storage on a local hard drive or memory within their 
network game console. This constitutes an on-line dis- 
tribution of the software product. 

[0024] In step 208, the customer decrypts the encrypt- 

25 ed software product to gain access rights to the product. 
The decryption step can be accomplished through either 
off-line means or on-line means. For the off-line decryp- 
tion embodiment, the user uses the telephone 132, or 
similar device, to communicate the appropriate decryp- 

30 tion information, e.g., private key or private password 
information, to the server. The server may then return a 
code that allows access to the software product. The 
user may provide the decryption information to the serv- 
er using alphanumeric entry through a touch-tone phone 

35 or vocal commands to the system directly or an operator. 
For the on-line embodiment in which the client system 
120 is coupled to the server system 110 through a net- 
work 108, the customer transmits the decryption infor- 
mation to the server through the game console 114. 

40 [0025] In step 21 0, the users are given a choice with 
regard to purchase options for the distributed software 
title. In general, there are two purchase options availa- 
ble, the user may pay for use based on the number of 
times the program is accessed (e.g., the number of 

45 times a game is played), or by the amount of time spent 
accessing the program (e.g., total playing time of the 
game). Alternatively, a combination of these two pur- 
chase options may also be possible. For example, the 
use of a program or game may be limited based on a 

50 set number of accesses, each a certain time period long. 
[0026] Figure 2B illustrates an encryption/decryption 
process for distributing software products in a client/ 
server computer network, according to one embodiment 
of the present invention. Figure 2B provides a more de- 

55 tailed illustration of the encryption process illustrated in 
Figure 2A. Figure 2B illustrates the encryption/decryp- 
tion processes performed by a user 220 on a client com- 
puter (or "console") and a server computer 222 over a 
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network. The server computer 222 provides a software 
product (also referred to as a software title) requested 
by the user 220. To ensure secure distribution of the soft- 
ware product over the network, the exchange between 
the user and server incorporates a multi-layered public 
key encryption (PKCS) to enable decryption of the soft- 
ware product content stored on storage media (e.g., 
magnetic or optical disk) by a user from a server. In gen- 
eral, for the process illustrated in Figure 2B, the server 
222 encrypts a key that can be decrypted using a match- 
ing private key created at the client computer (console). 
The server 222 creates a pair of keys (User A and User 
B) and transmits one of the keys (User A) to the user. 
This key allows the user to decrypt the contents of the 
software product. The server encrypts this key using the 
key sent from the user, then re-encrypts the encrypted 
key with its corresponding key (User B) of the key pair, 
and transmits to the user the double encrypted key. 
[0027] For the embodiment illustrated in Figure 5, the 
software title is encrypted with the title public key (Title 
A). To start the process, the user 220 provides user in- 
formation to the server 222. The server 222 uses the 
user information to create a user public key (User A) and 
user private key (User B) pair 226. The server 222 then 
transmits the User A key back to the user 220. A console 
public key/private key pair comprising a Console A key 

228 and a Console B key 229 is then created for the 
user 220. The user encrypts and transmits the console 
public key (Console A) 228 to the server 222 using the 
user public key (User A). The user 220 next transmits 
the title ID to the server 222 for the software product to 
be purchased. The server 222 retrieves title private key 
(Title B) 232 for the specified software product. The Title 
B key is the private key corresponding to the title public 
key (Title A). The server 222 then re-encrypts and trans- 
mits the Title Bkey to the user 220 using the user private 
key (User B). The user then decrypts the encrypted soft- 
ware title using the title public key (Title A). 

[0028] After the decryption of the software title that 
has been encrypted with the title public key (Title A) by 
the user 220, the user transmits purchase information 
240 to the server 222. Using the purchase information, 
the server 222 creates a usage counter 242. The usage 
counter can be embodied in an electronic token that is 
debited with each use, time period, or some other unit 
of measure. The counter is encrypted and transmitted 
to the user 220 using the Console A and User B keys. 
[0029] As illustrated in Figure 2A, the user public key/ 
private key (User A/User B) pair 226 is created by the 
server 222 using the user information provided by the 
user 220. In one embodiment, one user key pair 226 is 
created for the user 220 for use in all subsequent trans- 
actions with server 222 in which the user information 
used to create the key pair is relevant. Alternatively, a 
new key pair 226 is created for each different transaction 
between user 220 and server 222. 
[0030] The console public key/private key pair 228, 

229 is created by the user 220. This key pair can be 



created on the client computer by using hardware iden- 
tification means, such as the unique serial number as- 
sociated with the client computer, or an ID pattern as- 
sociated with the hard disk drive within the client com- 

5 puter. For this embodiment, the key pair can be created 
using authorization software that is stored and executed 
in the hard disk drive of the client computer. Alternative- 
ly, the key pair 228, 229 can be created using a hard- 
ware authorization device, such as a dongle. In general, 

10 a dongle is a hardware-based security device that at- 
taches to the serial or parallel printer port of the client 
computer and uses codes and passwords embedded in- 
side the key to control access to software applications. 
For this embodiment, the software product requested by 

15 the user 220 will only run when that dongle is attached 
to the client computer. 

[0031] As illustrated in Figure 2A, there are four pos- 
sible distribution and customer access embodiments 
available using the system of Figure 1 . The first embod- 

20 jment is one in which the software product is distributed 
to the customer off-line using packaged storage media 
122, and the customer provides decryption information 
to the server off-line using telephone 132. For this em- 
bodiment, the game console is used as a stand-alone 

25 device and is not coupled to the server system 110. 
[0032] For the remaining embodiments, the game 
console 1 1 4 is coupled to the server system 1 1 0 over a 
direct communications or computer network, and some 
aspect of this network is utilized in the distribution and/ 

30 or decryption aspect of the customer transaction. The 
second embodiment is one in which the software prod- 
uct is distributed to the customer on-line through trans- 
mission of the product over network 108, and the cus- 
tomer provides decryption information to the server sys- 

35 tern 110 through the network 108 and game console 
114. The third embodiment is one in which the software 
product is distributed to the customer off-line through the 
use of packaged storage media 122, and the customer 
provides decryption information to the server system 

40 no through the network 108 and game console 114. 
The fourth embodiment is one in which the software 
product is distributed to the customer on-line through 
transmission of the product over network 108, and the 
customer provides decryption information to the server 

4 $ system 110 off-tine using telephone 1 32. 

[0033] Figure 3 is a flowchart that illustrates the steps 
of distributing a limited use software product for an off- 
line distribution embodiment of the present invention. 
Figure 3 generally illustrates the steps executed on both 

50 the user side and server side of the distribution system 
illustrated in Figure 1. For this embodiment, it is as- 
sumed that the user operates a network game console 
1 1 4 upon which the leased software product is to be ex- 
ecuted or played back. The network game console 114 

55 can be implemented as a hardware system that pro- 
vides digital playback of content provided on the media 
stored on re-writeable storage media 116 or packaged 
storage media 122; and can be embodied within a per- 
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sonal computer, dedicated game system (such as the 
Sony® Playstation®), wireless handheld device (such 
as a personal digital assistant, PDA) : or other interactive 
computer entertainment system. For purposes of de- 
scription, the network game console 114 is more gener- 
ally referred to as an "Interactive Computer Entertain- 
ment System." 

[0034] For the off-line embodiment illustrated in the 
flowchart of Figure 3, the Interactive Computer Enter- 
tainment System is operated as a stand-alone game 
playing or content playback system and is not connect- 
ed to network 108 for purposes of product distribution. 
In general, the user interacts with the server 1 02 over a 
phone line 130 and converses with customer service 
personnel or communicates through alphanumeric 
codes entered through the telephone 132 keypad. 
[0035] In one embodiment, aspects of the present in- 
vention are used in a product distribution system in 
which the user has set up an account with the server 
102 in order to receive software products. Thus, in step 
302 of Figure 3, the user establishes an account with 
the server to purchase and receive software products. 
In order to access his or her account, the user calls into 
the server using a touch-tone phone and enters account 
and purchasing information using the numeric keypad 
on the telephone. The server system is set up with a 
pre-set menu to instruct the user to enter the required 
information to complete the purchase transaction. For 
example, once the user has established an account, the 
user is issued an ID number. In step 302, the user enters 
his or her user ID number using the touch-tone tele- 
phone 132. 

[0036] To establish a secure connection between the 
client user and server, the server implements a data en- 
cryption/decryption system. Thus, in step 304, the serv- 
er creates a user public key and a user private key for 
the user. In step 306, the server provides the user with 
the user public key. For the embodiment in which the 
user is communicating with the server over a telephone 
line, this information could be transmitted by a voice syn- 
thesizer which reads the user public key to the user over 
the phone, or by a similar arrangement. Alternatively, 
customer service personnel or operator could read the 
public key information to the user. 
[0037] The packaged media containing a selection of 
software products is distributed to the user. This can oc- 
cur generally at any time prior to the authorization proc- 
ess, and can be accomplished by several means, such 
as sending the packaged media to the customer or pro- 
viding access to the media through a retailer. Using the 
Interactive Computer Entertainment System, the user 
then indicates which software title he or she would like 
to rent or otherwise purchase subject to limited use re- 
strictions. The user may be presented with a menu of 
choices displaying the titles of programs or content 
available to be rented. The user enters his or her user 
public key into the Interactive Computer Entertainment 
System, step 308. In step 31 0, the Interactive Computer 



Entertainment System encrypts the ID number of the 
software title to be rented into the user public key. The 
Interactive Computer Entertainment System also en- 
crypts the memory card public key into the user public 

5 key. In one embodiment, the memory card public key is 
created based on the information stored in the memory 
card and is programmed into the memory card that is 
inserted into the Interactive Computer Entertainment 
System upon use. The Interactive Computer Entertain- 

10 ment System then displays this encrypted information 
on the screen of a display device coupled to the system, 
step 312. 

[0038] The encrypted information provided to the user 
comprises the decryption information that the user pro- 
's vides to the server to verify that the user is authorized 
to receive and use the product. As illustrated in Figure 
2A, the user can transmit the decryption information to 
the user either off-line or on-line depending upon wheth- 
er or not the game console is coupled to the server sys- 
20 tern over a computer network. Thus, in step 316, it is 
determined whether the user is connected to the server 
through either on-line means or off-line means. If the us- 
er is not directly connected to the server (off-line), the 
user transmits the decryption information displayed on 
25 the screen by telephone to the server, step 318. If the 
game console is connected to the server through a di- 
rect communications network, the usertransmits the de- 
cryption information to the server over the network line, 
step 320. 

30 [0039] After the user transmits the decryption infor- 
mation to the server, the server verifies that the user is 
authorized to receive the product. In one embodiment, 
the server may be programmed to provide the user with 
a menu of choices regarding product purchase or rental 
35 options. The user is guided through a pre-determined 
set of menus that accept alphanumeric user input. Al- 
ternatively, voice recognition systems could be imple- 
mented so that the user enters commands using natural 
language input. In step 322, the user follows the instruc- 
40 tions of the server to select the purchase option he or 
she prefers. For a limited use product, the user may be 
prompted to select between renting the product for a 
certain period of time or for a certain number of access- 
es (game plays), or combinations thereof. For embodi- 
es ments in which the user has set up an account that in- 
cludes a fund of money to be drawn upon, the appropri- 
ate purchase or rental fee is debited from the user's ac- 
count. Alternatively, other payment methods could be 
established, such as payment over the phone by credit 
50 card or other electronic fund transfer methods. 

[0040] The process continues from step 324, wherein 
the server retrieves the ID number for the software title 
and the public key for the memory card of the I nteractive 
Computer Entertainment System from the decryption 
55 data (user public key data) received in step 31 8 or 320. 
The server then retrieves the corresponding private key 
for the software title from the database and encrypts it 
into both the memory card public key and the user pri- 
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vate key, step 326. In one embodiment, the software 
programs for the software titles are stored in a contents 
database 106 tightly or loosely coupled to server 102. 
In this step, the server also encrypts the data for the 
purchase option that the user selected into both the 
memory card public key and the user private key. 
[0041 ] In step 328, the server transmits the encrypted 
private key and purchase option information to the user. 
For the off-line distribution embodiment illustrated in 
Figure 3, this information may be provided over the tel- 
ephone 132 to the user. The user then enters this en- 
crypted information into the Interactive Computer Enter- 
tainment System, step 330. In step 332, the Interactive 
Computer Entertainment System decrypts the data us- 
ing the user private key and stores the decrypted data 
on the memory card. 

[0042] For the off-line distribution embodiment of Fig- 
ure 3, the software product for the selected title is pro- 
vided on a packaged storage media, such as disk 122. 
Upon selection by the user, this media is either obtained 
by the user prior to selection of the title to be accessed, 
or it can be sent or otherwise obtained by the user after 
selection of the title. After the user inserts the packaged 
storage media into the Interactive Computer Entertain- 
ment System, the system then boots up the software 
title, step 334. When booted, the software title decrypts 
the title's private key and the purchase option informa- 
tion using the memory card private key. The Interactive 
Computer Entertainment System uses the title private 
key to decrypt the software title so that it is can be ac- 
cessed or played on the system. 
[0043] In one embodiment of the present invention, 
the purchase option information may be coded in the 
form of "tokens" that represent the units of time number 
of game plays. These tokens are updated by the appro- 
priate number of units each time the title is restarted or 
at certain intervals of playing time. For example, for 
games the tokens would be updated at the end of each 
game. When the allotted time is up or the number of 
games remaining reaches zero, the title freezes and will 
not allow user access until the user renews his or her 
rental. 

[0044] The process illustrated in Figure 3 represents 
an embodiment in which the game console 114 is used 
in an off-line environment, and is not coupled to the serv- 
er 1 02 through a network con nection for distribution , and 
is used as a standalone playback or game console. For 
this off-line mode, the user obtains the packaged stor- 
age media containing the selected title, and communi- 
cates with the server 1 02 through a telephone, or some 
other method. In an alternative on-line distribution 
mode, the game console is coupled to the server system 
through a communications or computer network 108. 
[0045] Figure 4 is a flowchart that illustrates the steps 
of distributing a limited use software product for an on- 
line distribution embodiment of the present invention. 
For this embodiment, the network game console 114 is 
coupled to the server over network 108 and is used in 



an on-line mode. For the on-line embodiment, the Inter- 
active Computer Entertainment System is operated as 
a networked game playing or content playback system. 
Thus, although it can be used as a stand-alone unit, the 

5 Interactive Computer Entertainment System is coupled 
to network 1 08 through a network interface. This allows 
the user to communicate with the server 102 through 
the Interactive Computer Entertainment System directly 
rather than through off-line means, such as the tele- 

10 phone or second networked computer. For this embod- 
iment, certain steps in which the user interacts with the 
server, such as to receive the user public key and trans- 
mit game and purchase selection information to the 
server are performed using a network interface to com- 

15 municate with the server directly over the network. A 
graphical user interface providing a menu of commands 
and selection options may be provided on the monitor 
1 1 8 coupled to the network game console 114. 
[0046] In one version of the on-line distribution em- 

20 bodiment of Figure 4, the encoded title is still provided 
on a packaged storage media that is obtained by the 
user for insertion into the Interactive Computer Enter- 
tainment System. In an alternative version of the on-line 
distribution embodiment, the transmission of the select- 

25 ed software product is also accomplished using the net- 
work connection. For this embodiment, the server may 
retrieve the corresponding private key for the software 
title from the database and encrypts it into both the 
memory card public key and the user private key. The 

30 software programs for the software titles may be stored 
in a contents database 1 06 tightly or loosely coupled to 
server 102. In this step, the server also encrypts the data 
for the purchase option that the user selected into both 
the memory card public key and the user private key. 

35 Upon a request by the user, the server transmits the se- 
lected software product to the networked Interactive 
Computer Entertainment System, which then decrypts 
the appropriate encryption data and limited use informa- 
tion, and boots the software. 

40 [0047] Many of the basic process steps illustrated in 
Figure 4 are similar to those performed in the off-line 
distribution process illustrated in Figure 3. The primary 
difference is that in step 406, the server provides the 
public key to the user on-line through the network con- 

45 nection. The servertransmits or downloads the software 
product to the Interactive Computer Entertainment Sys- 
tem through the network connection. In general, this can 
occur at any time during the process. For the on-line dis- 
tribution process, theusercan communicate thedecryp- 

50 tion information to the server computer either through 
on-line or off-line means. In step 416, it is determined 
whether the user transmits the decryption information 
on-line or offline. If off-line, the user transmits the de- 
cryption information to the server over telephone 132, 

55 step 418. If on-line, the user transmits the decryption 
information to the server over network 1 08. The remain- 
ing steps of the on-line distribution process are substan- 
tially similar to the off-line embodiment discussed with 
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reference to Figure 3. 

• [0048] For the processes illustrated in Figures 3 and 
4, the parameters limiting the use of the rented software 
product are embodied within the purchase option infor- 
mation, and can be represented as tokens of time or 
number of accesses. In one embodiment of the present 
invention, the use parameters governing the limited ac- 
cess of the software product is programmed into the dig- 
ital medium containing the product. Figure 5 illustrates 
the composition of an exemplary software product that 
can be used in the system of Figure 1 . 
[0049] Figure 5 illustrates a software program that 
comprises a video game. The game program 500 may 
programmed onto a digital medium, such as a CD-ROM 
or DVD disk by procedures known to those in the art. As 
illustrated in Figure 5, the software program or title 500 
containing the game program 502 has certain different 
types of code sections associated with it. Game pro- 
gram 502 comprises the executable code the makes up 
the game itself. Associated with the game data is a sec- 
tor table 504 that maps the various section of game code 
on the physical disk that the title 500 is stored on. The 
sector table includes the file names, revision dates, 
checksums, and other data associated with the modules 
comprising the game program 502. 
[0050] In one embodiment, a set of program use pa- 
rameters 506 are associated with the game program 
502. The program use parameters include variables that 
encode the limited use constraints of the game program 
502. For example, the program use parameter could be 
a counter value that serves to count the elapsed time of 
use of the game program. In this case, the game pro- 
gram might be distributed on a time-based rental basis. 
When the counter reaches a certain value, access to the 
game program 502 is blocked. Alternatively, the pro- 
gram use parameter could be a count value that counts 
the number of accesses to the game program. Once the 
pre-set number of accesses is exceeded, further access 
to the game program is blocked. Thus, using the pro- 
gram use parameter, once the specified rental period 
has elapsed, the game program or content automatical- 
ly expires. This eliminates the need for the user to return 
the media to the content provider, or otherwise prove to 
the content provider that the product has been discard- 
ed or rendered unusable. 

[0051 ] In one embodiment, the software package 500 
also includes a game ID section 508. This section 
serves to identify the game to the system. The game ID 
section 508 can also be used to encode certain encryp- 
tion data, such as some of the public key/private key 
data used by the system 100 to distribute the game to 
the user. 

[0052] For the embodiment illustrated in Figure 1 , the 
software product distribution scheme utilizes an aspect 
in which the good that is purchased by the user is not 
necessarily the product media itself, but rather a key that 
can be used to unlock the program stored on the media. 
Identification information transmitted by the user is used 
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by the server to generate the unlock key used by the 
user. In an alternative embodiment, the server gener- 
ates the unlock key using identification information as- 
sociated with the media, e.g., a CD disk ID number. 

5 Such a disk ID can be provided directly on the media 
itself or on packaging, or in a similar manner so that it 
is visible to the user who is purchasing the software 
product. An example of the use of this embodiment is in 
the free distribution of a CD or DVD disk that contains 

10 a sample of a program (e.g., a computer game, music, 
movie, etc.). The disk runs a demonstration or sample 
of the program or software application, and the user is 
presented with the option to purchase the complete ex- 
ecutable program by placing an order through the phone 

*5 or website. When a purchase is made, the user is pro- 
vided with a software key (usually an alphanumeric 
string) that will unlock the full version of the software 
program, which is stored encrypted on the free disk. A 
media identifier, such as the CD/DVD serial number is 

20 used to secure the transaction between the user and the 
server. The use of a key that is associated with a media 
identifier prevents the problems associated with provid- 
ing a key based on the playback machine identifier and 
in which all of the distributed media are identical. When 

25 the key is associated with the media, the media can be 
played on any compatible machine, but that particular 
key cannot be used to access other locked copies of the 
disk. 

[0053] In one alternative embodiment, the security 

30 mechanism used to allow the user to access the full pro- 
gram contained on the media is a combination key that 
includes both the media identifier (e.g., disk serial 
number), and the playback machine identifier (e.g., cli- 
ent computerserial number) to generate the unlock key. 

35 For this embodiment, the software would then be keyed 
to both the disk and a specific playback machine. Al- 
though this presents a situation in which the disk cannot 
be played on another playback machine because the 
key is also unique to the CD, there is provided a mech- 

40 anism that allows this. 

[0054] When the user makes a purchase, either 
through on-line or off-line means (e.g., telephone), a da- 
tabase record is maintained which records both the se- 
rial number of the playback machine and the serial 

45 number of the disk. If the user is ever forced to replace 
their playback machine, he or she could request a new 
unlock key by inserting the disk into the new playback 
machine. The database then confirms that the disk se- 
rial number shows a purchase against it and therefore 

50 allows a new unlock key to be generated for the user. In 
one embodiment, an access counter is implemented so 
that the database only allows this procedure to be ac- 
complished a limited number of times. The same proce- 
dure could be used to allow the disc to be played on a 

55 different, rather than replacement, playback machine. 
By limiting the number of times a new key can be gen- 
erated, it is possible to eliminate the piracy of mass pro- 
ducing a disk with a single serial number. Although it 
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may still be possible for unauthorized users to create 
many different serial number disks, they would still need 
to purchase the software for each copy of the serial 
number. In general, this would not be cost effective as 
long as the limit on new keys is low (say only two re- 5 
placement keys are allowed). Furthermore, additional 
security could be required for a replacement key. For 
example, if a replacement key is requested, it may be 
necessary for a security question to be answered or for 
the key to be posted to a specific physical address or e- 10 
mail or for the person to be called back, thus allowing 
some identification of the person requesting the replace- 
ment key. 

[0055] For the above-described embodiment, the us- 
er first receives a freely distributed disk, or other pro- '5 
gram containing media that contains a sample or limited 
version of the software product. At the end of the free 
trial or demo, an instruction page is displayed which tells 
the user how to purchase the game instantly. Purchas- 
ing can be done on-line through the accessing a dis- 20 
played URL to connect to an automated website, or off- 
line through calling a displayed telephone number or 
mailing to a displayed address or fax number. A software 
routine on the disk will then generate a secure key. As 
described above, this key can be generated from just 25 
the disk serial number or from both the disk serial 
number and the serial number of the playback machine, 
both of which can be read by the application. In one em- 
bodiment, the key is an alphanumeric string consisting 
of a combination of letters and numbers. They key that 30 
is generated can be used by server computer to unique- 
ly identify both the disk serial number and also the play- 
back machine serial number. 

[0056] When the user accesses the server computer, 
through either the on-line URL or off-line telephone 35 
number, he or she is asked to enter the key along with 
their credit card billing information. A secure database 
records this information and authorizes the credit card, 
and so on. After this step, the server generates the un- 
lock key. The unlock key is generated as a combination 40 
of the key that user provides and a master key for that 
specific software application. The application is known 
to the server based on the disk serial number. The un- 
lock key is stored securely in a central database, and is 
also an alphanumeric string of letters and numbers. 45 
Once the key is delivered to the user, and the user con- 
firms receipt, the transaction is finished and the data- 
base records the transaction and the keys. If the user 
ever forgets or otherwise needs to reaccess their key, 
they need only to call or go on-line again, enter the disk 50 
ID key which is always presented upon booting the disk 
and retrieve the unlock key since the database knows 
that this is a legitimately purchased key. 
[0057] Once the user has received the unlock key, it 
can be entered into the playback machine through input 55 
means, such as a keyboard or some form of virtual key- 
board. The playback machine stores the unlock key in 
a static memory area, such as a memory card or hard 



disk space. Upon execution, the main application pro- 
gram of the purchased software product verifies that the 
key is authentic and correct for that specific disk and 
playback machine. Assuming that the key is authentic, 
the main application is unlocked. For added security, the 
main executable file can be encrypted so that it cannot 
easily be hacked by an unauthorized user. 
[0058] For this embodiment, transmission of the un- 
lock key between the user and server computer can be 
accomplished using the encryption/decryption mecha- 
nism illustrated with reference to Figures 2A through 5. 
For example, with reference to the process illustrated 
Figure 3A, the embodiment in which the media identifier 
is used to generate an unlock key results in step 310 
including the addition of the disk or media serial number 
with the product ID and user memory card ID encrypted 
in the user public key. Similar additions can be incorpo- 
rated into the flow chart illustrated in Figure 4. 
[0059] In the foregoing, a system has been described 
for distributing limited use software products over a 
computer network. Although the present invention has 
been described with reference to specific exemplary 
embodiments, it will be evident that various modifica- 
tions and changes may be made to these embodiments 
without departing from the broader spirit and scope of 
the invention as set forth in the claims. Accordingly, the 
specification and drawings are to be regarded in an il- 
lustrative rather than a restrictive sense. 



Claims 

1. A method for distributing a software product, com- 
prising the steps of: 

encoding the software product with an encryp- 
tion data string for playback on a client console 
having a storage media detachably installed 
therein; 

receiving user identification data from a 
user using the client console; 

transmitting a first encryption key to the 

user; 

coding an identification for the software 
product in the first encryption key; 

receiving software product purchase in- 
formation from the user; 

encoding data representing the user pur- 
chase information and the first encryption key 
and a second encryption key; and 

transmitting the first encryption key and 
second encryption key to the user to allow the 
user to decrypt the encrypted software product. 

2. The method according to claim 1 , wherein the soft- 
ware product purchase option comprises one of: 
purchasing the software product for a bounded pe- 
riod of time or purchasing the software product for 
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a preset number of accesses. 

3. The method according to claim 2 further comprising 
the step of establishing a communications link be- 
tween the client console and a content provider 
server through a bi-directional communications net- 
work, wherein the communications link between the 
client console and the content provider server com- 
prises a computer network link over a land-based 
computer network, and wherein data received from 
the user and transmitted to the user are transmitted 
over the computer network link using a pre-estab- 
lished network protocol. 

4. The method according to claim 2 further comprising 
the step of establishing a telecommunications link 
between the client console and a content provider 
server, and wherein data received from the user and 
transmitted to the user are transmitted over the tel- 
ecommunications link using a telephone connec- 
tion system, and further wherein, the user provides 
data to be transmitted to the server at least in part 
by alphanumeric codes entered into a telephone 
keypad. 

5. The method according to claim 2 further comprising 
the step of establishing a telephone link between 
the user and a content provider and wherein data 
received from the user and transmitted to the user 
are transmitted over the telephone link. 

6. The method according to claim 2 wherein the first 
encryption key and second encryption key comprise 
part of a two-way public key/private key encryption 
system. 

7. The method according to claim 6 wherein the first 
encryption key comprises a public key of the user, 
and wherein the second encryption key comprises 
a public key of the client console. 

8. The method of claim 7 further comprising the step 
of coding the second encryption key into a remov- 
able memory medium detachably coupled to the cli- 
ent console. 

9. The method of claim 8 further comprising step of 
coding the purchase information and identification 
information for the client console on the removable 
memory medium such that the purchase informa- 
tion and identification information is associated with 
the executable code comprising the software prod- 
uct. 

10. The method of claim 9 wherein the client console 
decodes the software product using a private key 
corresponding to the public key of the first encryp- 
tion key. 



11 . The method of claim 9 wherein the client console is 
an interactive computer game station, and the soft- 
ware product is an interactive computer game exe- 
cutable on the client console. 

5 

12. A system for providing access to restricted use dig- 
ital software products, comprising: 

a server network comprising a server computer, 
10 a customer database storing user information, 

and a content database storing a plurality of 
software product titles; 

a client console operated by a user and config- 
ured to playback a selection of the plurality of 

15 software titles; 

a detachable storage media installable in said 
client console: said detachable storage media 
having a data structure thereon comprising at 
least one of a user identifier, wherein the server 

20 computer distributes a software product to a us- 

er of the client console and encrypts the soft- 
ware product using information comprising the 
user identifier and a purchase option governing 
use of the software product by the user. 

25 

13. The system of claim 12 wherein the user transmits 
decryption information to the server computer to 
provide access to the software product distributed 
to the user. 

30 

14. The system of claim 13 wherein the server compu- 
ter distributes the software product to the user on a 
readable disk media. 

35 15. The system of claim 13 wherein the server compu- 
ter distributes the software product to the user over 
a communications link coupling the client computer 
to the server. 

^0 16. The system of claim 14 wherein the user transmits 
the decryption information to the server computer 
using a telephone coupled to the server computer 
through a public switched telephone network. 

^5 17. The system of claim 15 wherein the user transmits 
the decryption information to the server computer 
over the communications link. 

18. The system of claim 13, wherein the purchase op- 
50 tion comprises using the software product for a pre- 
set period of time. 

19. The system of claim 13, wherein the purchase op- 
tion comprises using the software product for a pre- 
ss set period of accesses. 

20. The system of claim 13 wherein the software prod- 
uct is encrypted using a public key/private key en- 
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cryption system, and wherein a user public key is 
assigned and transmitted to the user and a client 
console public key is assigned and coded in the de- 
tachable storage media installable in the client con- 
sole. 

21. The system of claim 13, wherein the client console 
is an interactive game computer, and the software 
product comprises an interactive computer game 
executable by the client console. 

22. A server computer coupled to one or more client 
computers over a communications network, the 
server computer comprising: 

a customer database storing user information, 
and a content database storing a plurality of 
software product titles; 

a distribution module distributing a software 
product from the plurality of software product 
titles to a user of a client computer of the one 
or more client computers upon request of the 
user; 

an encryption module encrypting the software 
product using information comprising a user 
identifier and a purchase option governing use 
of the software product by the user; and 
a decryption module receiving decryption infor- 
mation from the user and providing access to 
the software product upon confirmation of the 
decryption information. 

23. The server computer of claim 22, wherein the pur- 
chase option comprises one of: 

using the software product for a pre-set period 
of time, and using the software product for a 
pre-set period of accesses. 

24. The server computer of claim 23 wherein the soft- 
ware product is encrypted using a public key/private 
key encryption system, and wherein a user public 
key is assigned and transmitted to the user and a 
client console public key is assigned and coded in 
the detachable storage media installable in the cli- 
ent console. 

25. The server computer of claim 24, wherein the client 
computer is an interactive game computer, and the 
software product comprises an interactive compu- 
ter game executable by the client console. 

26. The server computer of claim 25 wherein the soft- 
ware product and decryption information are trans- 
mitted between the server computer and client com- 
puter over the communications network. 

27. The server computer of claim 25 wherein the soft- 



ware product is distributed to the client computer on 
a readable disk media accessible by the client com- 
puter, and wherein the decryption information is 
communicated to the server computer by the user 
5 over telephone system. 

28. An article of manufacture embodying a program of 
instructions executable by a machine, the program 
of instructions executed in network comprising a 

10 communications link between a client console and 
a content provider server through the network, the 
article of manufacture including instructions for: 

receiving user identification data from a user 
15 using the client console; 

transmitting a first encryption key to the user; 

coding an identification for the software product 

in the first encryption key 

receiving software product purchase informa- 
20 tion from the user; 

encoding data representing the user purchase 

information and the first encryption key and a 

second encryption key; and 

transmitting the first encryption key and second 
25 encryption key to the user. 

29. The article of manufacture of claim 28 further includ- 
ing instructions forallowingthe userto purchase the 
software product for a bounded period of time or to 

30 purchase the software product for a preset number 
of accesses. 

30. The article of manufacture of claim 29 further includ- 
ing instruction for decoding decryption information 

35 transmitted by the user to gain access to the soft- 
ware product. 

31. A method for limiting use of a distributed software 
product executed on a user console, comprising the 

40 steps of: 

encrypting the software product with a first 
product key of a software cryptography system; 
distributing the software product to a user of the 

^5 user console; 

receiving a first console key of a console cryp- 
tography system comprising a first and second 
user key which are created on the user console; 
encrypting a second product key of the soft- 

50 ware cryptography system, the second product 

key related to the first product key by the soft- 
ware cryptography system; and 
transmitting the encrypted second product key 
to the user so that the encrypted software prod- 

55 uct can be decrypted on the user console using 

the first user key. 

32. The method of claim 31 furthercomprising the steps 
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of: 



receiving user purchase information from the 
user; 

associating a counter value with the software 5 
product to limit use of the software product rel- 
ative to a usage parameter. 

33. The method of claim 32 further comprising the steps 

of: 10 

encrypting the counter value using the first con- 
sole key; 

encrypting the encrypted counter value using 
the second user key; 

transmitting the double encrypted counter val- 
ue to the user; 

allowing the user to decrypt the double encrypt- 
ed counter value on the console using the first 
user key. 

34. The method of claim 32 wherein the usage param- 
eter comprises a number of times the software 
product is accessed. 

25 

35. The method of claim 32 wherein the usage param- 
eter comprises a period of time during which the 
software product may be accessed. 

36. The method of claim 32 wherein the software prod- 30 
uct is programmed onto a readable medium capa- 
ble of being played in a playback device coupled to 

the user console, and wherein the first console key 
comprises an identifier associated with the reada- 
ble medium. 35 

37. The method of claim 32 wherein the software prod- 
uct is programmed onto a readable medium capa- 
ble of being played in a playback device coupled to 

the user console, and wherein the first console key *o 
comprises an identifier associated with the reada- 
ble medium and a serial number of the user con- 
sole. 



means for encrypting the software product with 
a first product key of a software cryptography 
system: 

means for distributing the software product to 
a user of the user console; 
means for receiving a first console key of a con- 
sole cryptography system comprising a first 
and second user key which are created on the 
user console; 

means for encrypting a second product key of 
the software cryptography system, the second 
product key related to the first product key by 
the software cryptography system; and 
means for transmitting the encrypted second 
product key to the user so that the encrypted 
software product can be decrypted on the user 
console using the first user key. 

41. The apparatus of claim 40 further comprising: 

means for receiving user purchase information 
from the user; 

means for associating a counter value with the 
software product to limit use of the software 
product relative. to a usage parameter. 

42. The apparatus of claim 41 further comprising: 

means for encrypting the counter value using 
the first console key; 

means for encrypting the encrypted counter 
value using the second user key; 
means for transmitting the double encrypted 
counter value to the user; 
means for allowing the user to decrypt the dou- 
ble encrypted counter value on the console us- 
ing the first user key. 

43. The apparatus of claim 42 wherein the usage pa- 
rameter comprises one of a number of times the 
software product is accessed; and a period of time 
during which the software product may be ac- 
cessed. 



45 44. The apparatus claim 42 wherein the software prod- 
uct is programmed onto a readable medium capa- 
ble of being played in a playback device coupled to 
the user console, and wherein the first console key 
comprises an identifier associated with the reada- 

50 ble medium. 



38. The method of claim 33 wherein the software prod- 
uct is distributed to the user over a communication 
link coupling the user console to a content provider 
server. 

39. The method of claim 33, wherein the client console 
is an interactive game computer, and the software 
product comprises an interactive computer game 
executable by the client console. 

40. An apparatus for limiting use of a distributed soft- 
ware product executed on a user console, compris- 
ing: 



45. The apparatus of claim 42 wherein the software 
product is programmed onto a readable medium ca- 
pable of being played in a playback device coupled 
55 to the user console, and wherein the first console 
key comprises an identifier associated with the 
readable medium and a serial number of the user 
console. 



13 



?DOCID: <EP 1229476A2_I_> 



25 



EP 1 229 476 A2 



46. The apparatus of claim 42 wherein the software 
product is distributed to the user over a communi- 
cation link coupling the user console to a content 
provider server. 

47. The apparatus of claim 42, wherein the client con- 
sole is an interactive game computer, and the soft- 
ware product comprises an interactive computer 
game executable by the client console. 

48. A method for distributing a software product for ex- 
ecution on a user console, comprising of the steps 
of: 

distributing the software product to a user of the 
user console, wherein the software is stored on 
a detachable storage media and locked such 
that access is limited to an authorized user; 
receiving a media identification of the detacha- 
ble storage media, the media identification as- 
sociated with each media; 
generating a key to unlock the software using 
the media identification; and 
transmitting the key to the user so that the soft- 
ware product can be unlocked on the user con- 
sole using the key when the user executes the 
software product from the detachable storage 
media. 
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52. A server computer configured to facilitate the distri- 
bution of a software product distributed to a user of 
a user console for execution on the user console, 
the server computer programmed to: 

store and lock the software product on a de- 
tachable storage media, such that access to the 
software product is limited to authorized users 
of the software product; 

receive a media identification of the detachable 
storage media, the media identification associ- 
ated with each media; 

generate a key to unlock the software using the 
media identification; and 
transmit the key to the user so that the software 
product can be unlocked on the user console 
using the key when the software product is ex- 
ecuted from the detachable storage media. 

53. The server computer of claim 52, wherein the key 
is stored in a memory device coupled to the user 
console. 



25 



49. The method according to claim 48 further compris- 
ing the step of storing the key on a memory device 
coupled to the user console. 



30 



50. An article of manufacture embodying a program of 

instructions executable by a machine, the program 35 
of instructions facilitating distribution of a software 
product executed on a user console and transmitted 
to a user of the userconsole, the program of instruc- 
tions comprising instructions for: 

40 

storing and locking the software product on a 
detachable storage media, such that access to 
the software product is limited to authorized us- 
ers of the software product; 

receiving a media identification of the detacha- 4 $ 
ble storage media, the media identification as- 
sociated with each media; 
generating a key to unlock the software using 
the media identification; and 

transmitting the key to the user so that the soft- 50 
ware product can be unlocked on the user con- 
sole using the key when the software product 
is executed from the detachable storage media. 



51 . The article of manufacture according to claim 50 fur- 
ther comprising instructions for storing the key on a 
memory device coupled to the user console. 
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